PyPI - pulumi-vault - Versions diffs - 7.6.0a1764657486__py3-none-any.whl - Mend

pulumi-vault 7.6.0a1764657486__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (274) hide show

pulumi_vault/__init__.py +1399 -0
pulumi_vault/_inputs.py +2701 -0
pulumi_vault/_utilities.py +331 -0
pulumi_vault/ad/__init__.py +12 -0
pulumi_vault/ad/get_access_credentials.py +177 -0
pulumi_vault/ad/secret_backend.py +1916 -0
pulumi_vault/ad/secret_library.py +546 -0
pulumi_vault/ad/secret_role.py +499 -0
pulumi_vault/alicloud/__init__.py +9 -0
pulumi_vault/alicloud/auth_backend_role.py +866 -0
pulumi_vault/approle/__init__.py +12 -0
pulumi_vault/approle/auth_backend_login.py +571 -0
pulumi_vault/approle/auth_backend_role.py +1082 -0
pulumi_vault/approle/auth_backend_role_secret_id.py +796 -0
pulumi_vault/approle/get_auth_backend_role_id.py +169 -0
pulumi_vault/audit.py +499 -0
pulumi_vault/audit_request_header.py +277 -0
pulumi_vault/auth_backend.py +565 -0
pulumi_vault/aws/__init__.py +22 -0
pulumi_vault/aws/auth_backend_cert.py +420 -0
pulumi_vault/aws/auth_backend_client.py +1259 -0
pulumi_vault/aws/auth_backend_config_identity.py +494 -0
pulumi_vault/aws/auth_backend_identity_whitelist.py +380 -0
pulumi_vault/aws/auth_backend_login.py +1046 -0
pulumi_vault/aws/auth_backend_role.py +1961 -0
pulumi_vault/aws/auth_backend_role_tag.py +638 -0
pulumi_vault/aws/auth_backend_roletag_blacklist.py +366 -0
pulumi_vault/aws/auth_backend_sts_role.py +414 -0
pulumi_vault/aws/get_access_credentials.py +369 -0
pulumi_vault/aws/get_static_access_credentials.py +137 -0
pulumi_vault/aws/secret_backend.py +2018 -0
pulumi_vault/aws/secret_backend_role.py +1188 -0
pulumi_vault/aws/secret_backend_static_role.py +639 -0
pulumi_vault/azure/__init__.py +15 -0
pulumi_vault/azure/_inputs.py +108 -0
pulumi_vault/azure/auth_backend_config.py +1096 -0
pulumi_vault/azure/auth_backend_role.py +1176 -0
pulumi_vault/azure/backend.py +1793 -0
pulumi_vault/azure/backend_role.py +883 -0
pulumi_vault/azure/get_access_credentials.py +400 -0
pulumi_vault/azure/outputs.py +107 -0
pulumi_vault/cert_auth_backend_role.py +1539 -0
pulumi_vault/config/__init__.py +9 -0
pulumi_vault/config/__init__.pyi +164 -0
pulumi_vault/config/_inputs.py +73 -0
pulumi_vault/config/outputs.py +1225 -0
pulumi_vault/config/ui_custom_message.py +530 -0
pulumi_vault/config/vars.py +230 -0
pulumi_vault/consul/__init__.py +10 -0
pulumi_vault/consul/secret_backend.py +1517 -0
pulumi_vault/consul/secret_backend_role.py +847 -0
pulumi_vault/database/__init__.py +14 -0
pulumi_vault/database/_inputs.py +11907 -0
pulumi_vault/database/outputs.py +8496 -0
pulumi_vault/database/secret_backend_connection.py +1676 -0
pulumi_vault/database/secret_backend_role.py +840 -0
pulumi_vault/database/secret_backend_static_role.py +881 -0
pulumi_vault/database/secrets_mount.py +2160 -0
pulumi_vault/egp_policy.py +399 -0
pulumi_vault/gcp/__init__.py +17 -0
pulumi_vault/gcp/_inputs.py +441 -0
pulumi_vault/gcp/auth_backend.py +1486 -0
pulumi_vault/gcp/auth_backend_role.py +1235 -0
pulumi_vault/gcp/get_auth_backend_role.py +514 -0
pulumi_vault/gcp/outputs.py +302 -0
pulumi_vault/gcp/secret_backend.py +1807 -0
pulumi_vault/gcp/secret_impersonated_account.py +484 -0
pulumi_vault/gcp/secret_roleset.py +554 -0
pulumi_vault/gcp/secret_static_account.py +557 -0
pulumi_vault/generic/__init__.py +11 -0
pulumi_vault/generic/endpoint.py +786 -0
pulumi_vault/generic/get_secret.py +306 -0
pulumi_vault/generic/secret.py +486 -0
pulumi_vault/get_auth_backend.py +226 -0
pulumi_vault/get_auth_backends.py +170 -0
pulumi_vault/get_namespace.py +226 -0
pulumi_vault/get_namespaces.py +202 -0
pulumi_vault/get_nomad_access_token.py +210 -0
pulumi_vault/get_policy_document.py +160 -0
pulumi_vault/get_raft_autopilot_state.py +267 -0
pulumi_vault/github/__init__.py +13 -0
pulumi_vault/github/_inputs.py +225 -0
pulumi_vault/github/auth_backend.py +1194 -0
pulumi_vault/github/outputs.py +174 -0
pulumi_vault/github/team.py +380 -0
pulumi_vault/github/user.py +380 -0
pulumi_vault/identity/__init__.py +35 -0
pulumi_vault/identity/entity.py +447 -0
pulumi_vault/identity/entity_alias.py +398 -0
pulumi_vault/identity/entity_policies.py +455 -0
pulumi_vault/identity/get_entity.py +384 -0
pulumi_vault/identity/get_group.py +467 -0
pulumi_vault/identity/get_oidc_client_creds.py +175 -0
pulumi_vault/identity/get_oidc_openid_config.py +334 -0
pulumi_vault/identity/get_oidc_public_keys.py +179 -0
pulumi_vault/identity/group.py +805 -0
pulumi_vault/identity/group_alias.py +386 -0
pulumi_vault/identity/group_member_entity_ids.py +444 -0
pulumi_vault/identity/group_member_group_ids.py +467 -0
pulumi_vault/identity/group_policies.py +471 -0
pulumi_vault/identity/mfa_duo.py +674 -0
pulumi_vault/identity/mfa_login_enforcement.py +566 -0
pulumi_vault/identity/mfa_okta.py +626 -0
pulumi_vault/identity/mfa_pingid.py +616 -0
pulumi_vault/identity/mfa_totp.py +758 -0
pulumi_vault/identity/oidc.py +268 -0
pulumi_vault/identity/oidc_assignment.py +375 -0
pulumi_vault/identity/oidc_client.py +667 -0
pulumi_vault/identity/oidc_key.py +474 -0
pulumi_vault/identity/oidc_key_allowed_client_id.py +298 -0
pulumi_vault/identity/oidc_provider.py +550 -0
pulumi_vault/identity/oidc_role.py +543 -0
pulumi_vault/identity/oidc_scope.py +355 -0
pulumi_vault/identity/outputs.py +137 -0
pulumi_vault/jwt/__init__.py +12 -0
pulumi_vault/jwt/_inputs.py +225 -0
pulumi_vault/jwt/auth_backend.py +1347 -0
pulumi_vault/jwt/auth_backend_role.py +1847 -0
pulumi_vault/jwt/outputs.py +174 -0
pulumi_vault/kmip/__init__.py +11 -0
pulumi_vault/kmip/secret_backend.py +1591 -0
pulumi_vault/kmip/secret_role.py +1194 -0
pulumi_vault/kmip/secret_scope.py +372 -0
pulumi_vault/kubernetes/__init__.py +15 -0
pulumi_vault/kubernetes/auth_backend_config.py +654 -0
pulumi_vault/kubernetes/auth_backend_role.py +1031 -0
pulumi_vault/kubernetes/get_auth_backend_config.py +280 -0
pulumi_vault/kubernetes/get_auth_backend_role.py +470 -0
pulumi_vault/kubernetes/get_service_account_token.py +344 -0
pulumi_vault/kubernetes/secret_backend.py +1341 -0
pulumi_vault/kubernetes/secret_backend_role.py +1140 -0
pulumi_vault/kv/__init__.py +18 -0
pulumi_vault/kv/_inputs.py +124 -0
pulumi_vault/kv/get_secret.py +240 -0
pulumi_vault/kv/get_secret_subkeys_v2.py +275 -0
pulumi_vault/kv/get_secret_v2.py +315 -0
pulumi_vault/kv/get_secrets_list.py +186 -0
pulumi_vault/kv/get_secrets_list_v2.py +243 -0
pulumi_vault/kv/outputs.py +102 -0
pulumi_vault/kv/secret.py +397 -0
pulumi_vault/kv/secret_backend_v2.py +455 -0
pulumi_vault/kv/secret_v2.py +970 -0
pulumi_vault/ldap/__init__.py +19 -0
pulumi_vault/ldap/_inputs.py +225 -0
pulumi_vault/ldap/auth_backend.py +2520 -0
pulumi_vault/ldap/auth_backend_group.py +386 -0
pulumi_vault/ldap/auth_backend_user.py +439 -0
pulumi_vault/ldap/get_dynamic_credentials.py +181 -0
pulumi_vault/ldap/get_static_credentials.py +192 -0
pulumi_vault/ldap/outputs.py +174 -0
pulumi_vault/ldap/secret_backend.py +2207 -0
pulumi_vault/ldap/secret_backend_dynamic_role.py +767 -0
pulumi_vault/ldap/secret_backend_library_set.py +552 -0
pulumi_vault/ldap/secret_backend_static_role.py +541 -0
pulumi_vault/managed/__init__.py +11 -0
pulumi_vault/managed/_inputs.py +944 -0
pulumi_vault/managed/keys.py +398 -0
pulumi_vault/managed/outputs.py +667 -0
pulumi_vault/mfa_duo.py +589 -0
pulumi_vault/mfa_okta.py +623 -0
pulumi_vault/mfa_pingid.py +670 -0
pulumi_vault/mfa_totp.py +620 -0
pulumi_vault/mongodbatlas/__init__.py +10 -0
pulumi_vault/mongodbatlas/secret_backend.py +388 -0
pulumi_vault/mongodbatlas/secret_role.py +726 -0
pulumi_vault/mount.py +1262 -0
pulumi_vault/namespace.py +452 -0
pulumi_vault/nomad_secret_backend.py +1559 -0
pulumi_vault/nomad_secret_role.py +489 -0
pulumi_vault/oci_auth_backend.py +676 -0
pulumi_vault/oci_auth_backend_role.py +852 -0
pulumi_vault/okta/__init__.py +13 -0
pulumi_vault/okta/_inputs.py +320 -0
pulumi_vault/okta/auth_backend.py +1231 -0
pulumi_vault/okta/auth_backend_group.py +369 -0
pulumi_vault/okta/auth_backend_user.py +416 -0
pulumi_vault/okta/outputs.py +244 -0
pulumi_vault/outputs.py +502 -0
pulumi_vault/pkisecret/__init__.py +38 -0
pulumi_vault/pkisecret/_inputs.py +270 -0
pulumi_vault/pkisecret/backend_acme_eab.py +550 -0
pulumi_vault/pkisecret/backend_config_acme.py +690 -0
pulumi_vault/pkisecret/backend_config_auto_tidy.py +1370 -0
pulumi_vault/pkisecret/backend_config_cluster.py +370 -0
pulumi_vault/pkisecret/backend_config_cmpv2.py +693 -0
pulumi_vault/pkisecret/backend_config_est.py +756 -0
pulumi_vault/pkisecret/backend_config_scep.py +738 -0
pulumi_vault/pkisecret/get_backend_cert_metadata.py +277 -0
pulumi_vault/pkisecret/get_backend_config_cmpv2.py +226 -0
pulumi_vault/pkisecret/get_backend_config_est.py +251 -0
pulumi_vault/pkisecret/get_backend_config_scep.py +271 -0
pulumi_vault/pkisecret/get_backend_issuer.py +395 -0
pulumi_vault/pkisecret/get_backend_issuers.py +192 -0
pulumi_vault/pkisecret/get_backend_key.py +211 -0
pulumi_vault/pkisecret/get_backend_keys.py +192 -0
pulumi_vault/pkisecret/outputs.py +270 -0
pulumi_vault/pkisecret/secret_backend_cert.py +1315 -0
pulumi_vault/pkisecret/secret_backend_config_ca.py +386 -0
pulumi_vault/pkisecret/secret_backend_config_issuers.py +392 -0
pulumi_vault/pkisecret/secret_backend_config_urls.py +462 -0
pulumi_vault/pkisecret/secret_backend_crl_config.py +846 -0
pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +1629 -0
pulumi_vault/pkisecret/secret_backend_intermediate_set_signed.py +444 -0
pulumi_vault/pkisecret/secret_backend_issuer.py +1089 -0
pulumi_vault/pkisecret/secret_backend_key.py +613 -0
pulumi_vault/pkisecret/secret_backend_role.py +2694 -0
pulumi_vault/pkisecret/secret_backend_root_cert.py +2134 -0
pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +2031 -0
pulumi_vault/pkisecret/secret_backend_sign.py +1194 -0
pulumi_vault/plugin.py +596 -0
pulumi_vault/plugin_pinned_version.py +299 -0
pulumi_vault/policy.py +279 -0
pulumi_vault/provider.py +781 -0
pulumi_vault/pulumi-plugin.json +5 -0
pulumi_vault/py.typed +0 -0
pulumi_vault/quota_lease_count.py +504 -0
pulumi_vault/quota_rate_limit.py +751 -0
pulumi_vault/rabbitmq/__init__.py +12 -0
pulumi_vault/rabbitmq/_inputs.py +235 -0
pulumi_vault/rabbitmq/outputs.py +144 -0
pulumi_vault/rabbitmq/secret_backend.py +1437 -0
pulumi_vault/rabbitmq/secret_backend_role.py +496 -0
pulumi_vault/raft_autopilot.py +609 -0
pulumi_vault/raft_snapshot_agent_config.py +1591 -0
pulumi_vault/rgp_policy.py +349 -0
pulumi_vault/saml/__init__.py +12 -0
pulumi_vault/saml/_inputs.py +225 -0
pulumi_vault/saml/auth_backend.py +811 -0
pulumi_vault/saml/auth_backend_role.py +1068 -0
pulumi_vault/saml/outputs.py +174 -0
pulumi_vault/scep_auth_backend_role.py +908 -0
pulumi_vault/secrets/__init__.py +18 -0
pulumi_vault/secrets/_inputs.py +110 -0
pulumi_vault/secrets/outputs.py +94 -0
pulumi_vault/secrets/sync_association.py +450 -0
pulumi_vault/secrets/sync_aws_destination.py +780 -0
pulumi_vault/secrets/sync_azure_destination.py +736 -0
pulumi_vault/secrets/sync_config.py +303 -0
pulumi_vault/secrets/sync_gcp_destination.py +572 -0
pulumi_vault/secrets/sync_gh_destination.py +688 -0
pulumi_vault/secrets/sync_github_apps.py +376 -0
pulumi_vault/secrets/sync_vercel_destination.py +603 -0
pulumi_vault/ssh/__init__.py +13 -0
pulumi_vault/ssh/_inputs.py +76 -0
pulumi_vault/ssh/get_secret_backend_sign.py +294 -0
pulumi_vault/ssh/outputs.py +51 -0
pulumi_vault/ssh/secret_backend_ca.py +588 -0
pulumi_vault/ssh/secret_backend_role.py +1493 -0
pulumi_vault/terraformcloud/__init__.py +11 -0
pulumi_vault/terraformcloud/secret_backend.py +1321 -0
pulumi_vault/terraformcloud/secret_creds.py +445 -0
pulumi_vault/terraformcloud/secret_role.py +563 -0
pulumi_vault/token.py +1026 -0
pulumi_vault/tokenauth/__init__.py +9 -0
pulumi_vault/tokenauth/auth_backend_role.py +1135 -0
pulumi_vault/transform/__init__.py +14 -0
pulumi_vault/transform/alphabet.py +348 -0
pulumi_vault/transform/get_decode.py +287 -0
pulumi_vault/transform/get_encode.py +291 -0
pulumi_vault/transform/role.py +350 -0
pulumi_vault/transform/template.py +592 -0
pulumi_vault/transform/transformation.py +608 -0
pulumi_vault/transit/__init__.py +15 -0
pulumi_vault/transit/get_cmac.py +256 -0
pulumi_vault/transit/get_decrypt.py +181 -0
pulumi_vault/transit/get_encrypt.py +174 -0
pulumi_vault/transit/get_sign.py +328 -0
pulumi_vault/transit/get_verify.py +373 -0
pulumi_vault/transit/secret_backend_key.py +1202 -0
pulumi_vault/transit/secret_cache_config.py +302 -0
pulumi_vault-7.6.0a1764657486.dist-info/METADATA +92 -0
pulumi_vault-7.6.0a1764657486.dist-info/RECORD +274 -0
pulumi_vault-7.6.0a1764657486.dist-info/WHEEL +5 -0
pulumi_vault-7.6.0a1764657486.dist-info/top_level.txt +1 -0

pulumi_vault/consul/secret_backend_role.py ADDED Viewed

@@ -0,0 +1,847 @@
+# coding=utf-8
+# *** WARNING: this file was generated by pulumi-language-python. ***
+# *** Do not edit by hand unless you're certain you know what you are doing! ***
+import builtins as _builtins
+import warnings
+import sys
+import pulumi
+import pulumi.runtime
+from typing import Any, Mapping, Optional, Sequence, Union, overload
+if sys.version_info >= (3, 11):
+    from typing import NotRequired, TypedDict, TypeAlias
+else:
+    from typing_extensions import NotRequired, TypedDict, TypeAlias
+from .. import _utilities
+__all__ = ['SecretBackendRoleArgs', 'SecretBackendRole']
+@pulumi.input_type
+class SecretBackendRoleArgs:
+    def __init__(__self__, *,
+                 backend: Optional[pulumi.Input[_builtins.str]] = None,
+                 consul_namespace: Optional[pulumi.Input[_builtins.str]] = None,
+                 consul_policies: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+                 consul_roles: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+                 local: Optional[pulumi.Input[_builtins.bool]] = None,
+                 max_ttl: Optional[pulumi.Input[_builtins.int]] = None,
+                 name: Optional[pulumi.Input[_builtins.str]] = None,
+                 namespace: Optional[pulumi.Input[_builtins.str]] = None,
+                 node_identities: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+                 partition: Optional[pulumi.Input[_builtins.str]] = None,
+                 policies: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+                 service_identities: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+                 ttl: Optional[pulumi.Input[_builtins.int]] = None):
+        """
+        The set of arguments for constructing a SecretBackendRole resource.
+        :param pulumi.Input[_builtins.str] backend: The unique name of an existing Consul secrets backend mount. Must not begin or end with a `/`. One of `path` or `backend` is required.
+        :param pulumi.Input[_builtins.str] consul_namespace: The Consul namespace that the token will be created in.
+               Applicable for Vault 1.10+ and Consul 1.7+".
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] consul_policies: <sup><a href="#note-about-required-arguments">SEE NOTE</a></sup> The list of Consul ACL policies to associate with these roles.
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] consul_roles: <sup><a href="#note-about-required-arguments">SEE NOTE</a></sup> Set of Consul roles to attach to the token.
+               Applicable for Vault 1.10+ with Consul 1.5+.
+        :param pulumi.Input[_builtins.bool] local: Indicates that the token should not be replicated globally and instead be local to the current datacenter.
+        :param pulumi.Input[_builtins.int] max_ttl: Maximum TTL for leases associated with this role, in seconds.
+        :param pulumi.Input[_builtins.str] name: The name of the Consul secrets engine role to create.
+        :param pulumi.Input[_builtins.str] namespace: The namespace to provision the resource in.
+               The value should not contain leading or trailing forward slashes.
+               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
+               *Available only for Vault Enterprise*.
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] node_identities: <sup><a href="#note-about-required-arguments">SEE NOTE</a></sup> Set of Consul node
+               identities to attach to the token. Applicable for Vault 1.11+ with Consul 1.8+.
+        :param pulumi.Input[_builtins.str] partition: The admin partition that the token will be created in.
+               Applicable for Vault 1.10+ and Consul 1.11+".
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] policies: The list of Consul ACL policies to associate with these roles.
+               **NOTE:** The new parameter `consul_policies` should be used in favor of this. This parameter,
+               `policies`, remains supported for legacy users, but Vault has deprecated this field.
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] service_identities: <sup><a href="#note-about-required-arguments">SEE NOTE</a></sup> Set of Consul
+               service identities to attach to the token. Applicable for Vault 1.11+ with Consul 1.5+.
+        :param pulumi.Input[_builtins.int] ttl: Specifies the TTL for this role.
+        """
+        if backend is not None:
+            pulumi.set(__self__, "backend", backend)
+        if consul_namespace is not None:
+            pulumi.set(__self__, "consul_namespace", consul_namespace)
+        if consul_policies is not None:
+            pulumi.set(__self__, "consul_policies", consul_policies)
+        if consul_roles is not None:
+            pulumi.set(__self__, "consul_roles", consul_roles)
+        if local is not None:
+            pulumi.set(__self__, "local", local)
+        if max_ttl is not None:
+            pulumi.set(__self__, "max_ttl", max_ttl)
+        if name is not None:
+            pulumi.set(__self__, "name", name)
+        if namespace is not None:
+            pulumi.set(__self__, "namespace", namespace)
+        if node_identities is not None:
+            pulumi.set(__self__, "node_identities", node_identities)
+        if partition is not None:
+            pulumi.set(__self__, "partition", partition)
+        if policies is not None:
+            pulumi.set(__self__, "policies", policies)
+        if service_identities is not None:
+            pulumi.set(__self__, "service_identities", service_identities)
+        if ttl is not None:
+            pulumi.set(__self__, "ttl", ttl)
+    @_builtins.property
+    @pulumi.getter
+    def backend(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        The unique name of an existing Consul secrets backend mount. Must not begin or end with a `/`. One of `path` or `backend` is required.
+        """
+        return pulumi.get(self, "backend")
+    @backend.setter
+    def backend(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "backend", value)
+    @_builtins.property
+    @pulumi.getter(name="consulNamespace")
+    def consul_namespace(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        The Consul namespace that the token will be created in.
+        Applicable for Vault 1.10+ and Consul 1.7+".
+        """
+        return pulumi.get(self, "consul_namespace")
+    @consul_namespace.setter
+    def consul_namespace(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "consul_namespace", value)
+    @_builtins.property
+    @pulumi.getter(name="consulPolicies")
+    def consul_policies(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
+        """
+        <sup><a href="#note-about-required-arguments">SEE NOTE</a></sup> The list of Consul ACL policies to associate with these roles.
+        """
+        return pulumi.get(self, "consul_policies")
+    @consul_policies.setter
+    def consul_policies(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
+        pulumi.set(self, "consul_policies", value)
+    @_builtins.property
+    @pulumi.getter(name="consulRoles")
+    def consul_roles(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
+        """
+        <sup><a href="#note-about-required-arguments">SEE NOTE</a></sup> Set of Consul roles to attach to the token.
+        Applicable for Vault 1.10+ with Consul 1.5+.
+        """
+        return pulumi.get(self, "consul_roles")
+    @consul_roles.setter
+    def consul_roles(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
+        pulumi.set(self, "consul_roles", value)
+    @_builtins.property
+    @pulumi.getter
+    def local(self) -> Optional[pulumi.Input[_builtins.bool]]:
+        """
+        Indicates that the token should not be replicated globally and instead be local to the current datacenter.
+        """
+        return pulumi.get(self, "local")
+    @local.setter
+    def local(self, value: Optional[pulumi.Input[_builtins.bool]]):
+        pulumi.set(self, "local", value)
+    @_builtins.property
+    @pulumi.getter(name="maxTtl")
+    def max_ttl(self) -> Optional[pulumi.Input[_builtins.int]]:
+        """
+        Maximum TTL for leases associated with this role, in seconds.
+        """
+        return pulumi.get(self, "max_ttl")
+    @max_ttl.setter
+    def max_ttl(self, value: Optional[pulumi.Input[_builtins.int]]):
+        pulumi.set(self, "max_ttl", value)
+    @_builtins.property
+    @pulumi.getter
+    def name(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        The name of the Consul secrets engine role to create.
+        """
+        return pulumi.get(self, "name")
+    @name.setter
+    def name(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "name", value)
+    @_builtins.property
+    @pulumi.getter
+    def namespace(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        The namespace to provision the resource in.
+        The value should not contain leading or trailing forward slashes.
+        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
+        *Available only for Vault Enterprise*.
+        """
+        return pulumi.get(self, "namespace")
+    @namespace.setter
+    def namespace(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "namespace", value)
+    @_builtins.property
+    @pulumi.getter(name="nodeIdentities")
+    def node_identities(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
+        """
+        <sup><a href="#note-about-required-arguments">SEE NOTE</a></sup> Set of Consul node
+        identities to attach to the token. Applicable for Vault 1.11+ with Consul 1.8+.
+        """
+        return pulumi.get(self, "node_identities")
+    @node_identities.setter
+    def node_identities(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
+        pulumi.set(self, "node_identities", value)
+    @_builtins.property
+    @pulumi.getter
+    def partition(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        The admin partition that the token will be created in.
+        Applicable for Vault 1.10+ and Consul 1.11+".
+        """
+        return pulumi.get(self, "partition")
+    @partition.setter
+    def partition(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "partition", value)
+    @_builtins.property
+    @pulumi.getter
+    def policies(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
+        """
+        The list of Consul ACL policies to associate with these roles.
+        **NOTE:** The new parameter `consul_policies` should be used in favor of this. This parameter,
+        `policies`, remains supported for legacy users, but Vault has deprecated this field.
+        """
+        return pulumi.get(self, "policies")
+    @policies.setter
+    def policies(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
+        pulumi.set(self, "policies", value)
+    @_builtins.property
+    @pulumi.getter(name="serviceIdentities")
+    def service_identities(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
+        """
+        <sup><a href="#note-about-required-arguments">SEE NOTE</a></sup> Set of Consul
+        service identities to attach to the token. Applicable for Vault 1.11+ with Consul 1.5+.
+        """
+        return pulumi.get(self, "service_identities")
+    @service_identities.setter
+    def service_identities(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
+        pulumi.set(self, "service_identities", value)
+    @_builtins.property
+    @pulumi.getter
+    def ttl(self) -> Optional[pulumi.Input[_builtins.int]]:
+        """
+        Specifies the TTL for this role.
+        """
+        return pulumi.get(self, "ttl")
+    @ttl.setter
+    def ttl(self, value: Optional[pulumi.Input[_builtins.int]]):
+        pulumi.set(self, "ttl", value)
+@pulumi.input_type
+class _SecretBackendRoleState:
+    def __init__(__self__, *,
+                 backend: Optional[pulumi.Input[_builtins.str]] = None,
+                 consul_namespace: Optional[pulumi.Input[_builtins.str]] = None,
+                 consul_policies: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+                 consul_roles: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+                 local: Optional[pulumi.Input[_builtins.bool]] = None,
+                 max_ttl: Optional[pulumi.Input[_builtins.int]] = None,
+                 name: Optional[pulumi.Input[_builtins.str]] = None,
+                 namespace: Optional[pulumi.Input[_builtins.str]] = None,
+                 node_identities: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+                 partition: Optional[pulumi.Input[_builtins.str]] = None,
+                 policies: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+                 service_identities: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+                 ttl: Optional[pulumi.Input[_builtins.int]] = None):
+        """
+        Input properties used for looking up and filtering SecretBackendRole resources.
+        :param pulumi.Input[_builtins.str] backend: The unique name of an existing Consul secrets backend mount. Must not begin or end with a `/`. One of `path` or `backend` is required.
+        :param pulumi.Input[_builtins.str] consul_namespace: The Consul namespace that the token will be created in.
+               Applicable for Vault 1.10+ and Consul 1.7+".
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] consul_policies: <sup><a href="#note-about-required-arguments">SEE NOTE</a></sup> The list of Consul ACL policies to associate with these roles.
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] consul_roles: <sup><a href="#note-about-required-arguments">SEE NOTE</a></sup> Set of Consul roles to attach to the token.
+               Applicable for Vault 1.10+ with Consul 1.5+.
+        :param pulumi.Input[_builtins.bool] local: Indicates that the token should not be replicated globally and instead be local to the current datacenter.
+        :param pulumi.Input[_builtins.int] max_ttl: Maximum TTL for leases associated with this role, in seconds.
+        :param pulumi.Input[_builtins.str] name: The name of the Consul secrets engine role to create.
+        :param pulumi.Input[_builtins.str] namespace: The namespace to provision the resource in.
+               The value should not contain leading or trailing forward slashes.
+               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
+               *Available only for Vault Enterprise*.
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] node_identities: <sup><a href="#note-about-required-arguments">SEE NOTE</a></sup> Set of Consul node
+               identities to attach to the token. Applicable for Vault 1.11+ with Consul 1.8+.
+        :param pulumi.Input[_builtins.str] partition: The admin partition that the token will be created in.
+               Applicable for Vault 1.10+ and Consul 1.11+".
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] policies: The list of Consul ACL policies to associate with these roles.
+               **NOTE:** The new parameter `consul_policies` should be used in favor of this. This parameter,
+               `policies`, remains supported for legacy users, but Vault has deprecated this field.
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] service_identities: <sup><a href="#note-about-required-arguments">SEE NOTE</a></sup> Set of Consul
+               service identities to attach to the token. Applicable for Vault 1.11+ with Consul 1.5+.
+        :param pulumi.Input[_builtins.int] ttl: Specifies the TTL for this role.
+        """
+        if backend is not None:
+            pulumi.set(__self__, "backend", backend)
+        if consul_namespace is not None:
+            pulumi.set(__self__, "consul_namespace", consul_namespace)
+        if consul_policies is not None:
+            pulumi.set(__self__, "consul_policies", consul_policies)
+        if consul_roles is not None:
+            pulumi.set(__self__, "consul_roles", consul_roles)
+        if local is not None:
+            pulumi.set(__self__, "local", local)
+        if max_ttl is not None:
+            pulumi.set(__self__, "max_ttl", max_ttl)
+        if name is not None:
+            pulumi.set(__self__, "name", name)
+        if namespace is not None:
+            pulumi.set(__self__, "namespace", namespace)
+        if node_identities is not None:
+            pulumi.set(__self__, "node_identities", node_identities)
+        if partition is not None:
+            pulumi.set(__self__, "partition", partition)
+        if policies is not None:
+            pulumi.set(__self__, "policies", policies)
+        if service_identities is not None:
+            pulumi.set(__self__, "service_identities", service_identities)
+        if ttl is not None:
+            pulumi.set(__self__, "ttl", ttl)
+    @_builtins.property
+    @pulumi.getter
+    def backend(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        The unique name of an existing Consul secrets backend mount. Must not begin or end with a `/`. One of `path` or `backend` is required.
+        """
+        return pulumi.get(self, "backend")
+    @backend.setter
+    def backend(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "backend", value)
+    @_builtins.property
+    @pulumi.getter(name="consulNamespace")
+    def consul_namespace(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        The Consul namespace that the token will be created in.
+        Applicable for Vault 1.10+ and Consul 1.7+".
+        """
+        return pulumi.get(self, "consul_namespace")
+    @consul_namespace.setter
+    def consul_namespace(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "consul_namespace", value)
+    @_builtins.property
+    @pulumi.getter(name="consulPolicies")
+    def consul_policies(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
+        """
+        <sup><a href="#note-about-required-arguments">SEE NOTE</a></sup> The list of Consul ACL policies to associate with these roles.
+        """
+        return pulumi.get(self, "consul_policies")
+    @consul_policies.setter
+    def consul_policies(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
+        pulumi.set(self, "consul_policies", value)
+    @_builtins.property
+    @pulumi.getter(name="consulRoles")
+    def consul_roles(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
+        """
+        <sup><a href="#note-about-required-arguments">SEE NOTE</a></sup> Set of Consul roles to attach to the token.
+        Applicable for Vault 1.10+ with Consul 1.5+.
+        """
+        return pulumi.get(self, "consul_roles")
+    @consul_roles.setter
+    def consul_roles(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
+        pulumi.set(self, "consul_roles", value)
+    @_builtins.property
+    @pulumi.getter
+    def local(self) -> Optional[pulumi.Input[_builtins.bool]]:
+        """
+        Indicates that the token should not be replicated globally and instead be local to the current datacenter.
+        """
+        return pulumi.get(self, "local")
+    @local.setter
+    def local(self, value: Optional[pulumi.Input[_builtins.bool]]):
+        pulumi.set(self, "local", value)
+    @_builtins.property
+    @pulumi.getter(name="maxTtl")
+    def max_ttl(self) -> Optional[pulumi.Input[_builtins.int]]:
+        """
+        Maximum TTL for leases associated with this role, in seconds.
+        """
+        return pulumi.get(self, "max_ttl")
+    @max_ttl.setter
+    def max_ttl(self, value: Optional[pulumi.Input[_builtins.int]]):
+        pulumi.set(self, "max_ttl", value)
+    @_builtins.property
+    @pulumi.getter
+    def name(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        The name of the Consul secrets engine role to create.
+        """
+        return pulumi.get(self, "name")
+    @name.setter
+    def name(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "name", value)
+    @_builtins.property
+    @pulumi.getter
+    def namespace(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        The namespace to provision the resource in.
+        The value should not contain leading or trailing forward slashes.
+        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
+        *Available only for Vault Enterprise*.
+        """
+        return pulumi.get(self, "namespace")
+    @namespace.setter
+    def namespace(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "namespace", value)
+    @_builtins.property
+    @pulumi.getter(name="nodeIdentities")
+    def node_identities(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
+        """
+        <sup><a href="#note-about-required-arguments">SEE NOTE</a></sup> Set of Consul node
+        identities to attach to the token. Applicable for Vault 1.11+ with Consul 1.8+.
+        """
+        return pulumi.get(self, "node_identities")
+    @node_identities.setter
+    def node_identities(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
+        pulumi.set(self, "node_identities", value)
+    @_builtins.property
+    @pulumi.getter
+    def partition(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        The admin partition that the token will be created in.
+        Applicable for Vault 1.10+ and Consul 1.11+".
+        """
+        return pulumi.get(self, "partition")
+    @partition.setter
+    def partition(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "partition", value)
+    @_builtins.property
+    @pulumi.getter
+    def policies(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
+        """
+        The list of Consul ACL policies to associate with these roles.
+        **NOTE:** The new parameter `consul_policies` should be used in favor of this. This parameter,
+        `policies`, remains supported for legacy users, but Vault has deprecated this field.
+        """
+        return pulumi.get(self, "policies")
+    @policies.setter
+    def policies(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
+        pulumi.set(self, "policies", value)
+    @_builtins.property
+    @pulumi.getter(name="serviceIdentities")
+    def service_identities(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
+        """
+        <sup><a href="#note-about-required-arguments">SEE NOTE</a></sup> Set of Consul
+        service identities to attach to the token. Applicable for Vault 1.11+ with Consul 1.5+.
+        """
+        return pulumi.get(self, "service_identities")
+    @service_identities.setter
+    def service_identities(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
+        pulumi.set(self, "service_identities", value)
+    @_builtins.property
+    @pulumi.getter
+    def ttl(self) -> Optional[pulumi.Input[_builtins.int]]:
+        """
+        Specifies the TTL for this role.
+        """
+        return pulumi.get(self, "ttl")
+    @ttl.setter
+    def ttl(self, value: Optional[pulumi.Input[_builtins.int]]):
+        pulumi.set(self, "ttl", value)
+@pulumi.type_token("vault:consul/secretBackendRole:SecretBackendRole")
+class SecretBackendRole(pulumi.CustomResource):
+    @overload
+    def __init__(__self__,
+                 resource_name: str,
+                 opts: Optional[pulumi.ResourceOptions] = None,
+                 backend: Optional[pulumi.Input[_builtins.str]] = None,
+                 consul_namespace: Optional[pulumi.Input[_builtins.str]] = None,
+                 consul_policies: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+                 consul_roles: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+                 local: Optional[pulumi.Input[_builtins.bool]] = None,
+                 max_ttl: Optional[pulumi.Input[_builtins.int]] = None,
+                 name: Optional[pulumi.Input[_builtins.str]] = None,
+                 namespace: Optional[pulumi.Input[_builtins.str]] = None,
+                 node_identities: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+                 partition: Optional[pulumi.Input[_builtins.str]] = None,
+                 policies: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+                 service_identities: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+                 ttl: Optional[pulumi.Input[_builtins.int]] = None,
+                 __props__=None):
+        """
+        Manages a Consul secrets role for a Consul secrets engine in Vault. Consul secret backends can then issue Consul tokens.
+        ## Example Usage
+        ```python
+        import pulumi
+        import pulumi_vault as vault
+        test = vault.consul.SecretBackend("test",
+            path="consul",
+            description="Manages the Consul backend",
+            address="127.0.0.1:8500",
+            token="4240861b-ce3d-8530-115a-521ff070dd29")
+        example = vault.consul.SecretBackendRole("example",
+            name="test-role",
+            backend=test.path,
+            consul_policies=["example-policy"])
+        ```
+        ## Note About Required Arguments
+        *At least one* of the four arguments `consul_policies`, `consul_roles`, `service_identities`, or
+        `node_identities` is required for a token. If desired, any combination of the four arguments up-to and
+        including all four, is valid.
+        ## Import
+        Consul secret backend roles can be imported using the `backend`, `/roles/`, and the `name` e.g.
+        ```sh
+        $ pulumi import vault:consul/secretBackendRole:SecretBackendRole example consul/roles/my-role
+        ```
+        :param str resource_name: The name of the resource.
+        :param pulumi.ResourceOptions opts: Options for the resource.
+        :param pulumi.Input[_builtins.str] backend: The unique name of an existing Consul secrets backend mount. Must not begin or end with a `/`. One of `path` or `backend` is required.
+        :param pulumi.Input[_builtins.str] consul_namespace: The Consul namespace that the token will be created in.
+               Applicable for Vault 1.10+ and Consul 1.7+".
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] consul_policies: <sup><a href="#note-about-required-arguments">SEE NOTE</a></sup> The list of Consul ACL policies to associate with these roles.
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] consul_roles: <sup><a href="#note-about-required-arguments">SEE NOTE</a></sup> Set of Consul roles to attach to the token.
+               Applicable for Vault 1.10+ with Consul 1.5+.
+        :param pulumi.Input[_builtins.bool] local: Indicates that the token should not be replicated globally and instead be local to the current datacenter.
+        :param pulumi.Input[_builtins.int] max_ttl: Maximum TTL for leases associated with this role, in seconds.
+        :param pulumi.Input[_builtins.str] name: The name of the Consul secrets engine role to create.
+        :param pulumi.Input[_builtins.str] namespace: The namespace to provision the resource in.
+               The value should not contain leading or trailing forward slashes.
+               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
+               *Available only for Vault Enterprise*.
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] node_identities: <sup><a href="#note-about-required-arguments">SEE NOTE</a></sup> Set of Consul node
+               identities to attach to the token. Applicable for Vault 1.11+ with Consul 1.8+.
+        :param pulumi.Input[_builtins.str] partition: The admin partition that the token will be created in.
+               Applicable for Vault 1.10+ and Consul 1.11+".
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] policies: The list of Consul ACL policies to associate with these roles.
+               **NOTE:** The new parameter `consul_policies` should be used in favor of this. This parameter,
+               `policies`, remains supported for legacy users, but Vault has deprecated this field.
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] service_identities: <sup><a href="#note-about-required-arguments">SEE NOTE</a></sup> Set of Consul
+               service identities to attach to the token. Applicable for Vault 1.11+ with Consul 1.5+.
+        :param pulumi.Input[_builtins.int] ttl: Specifies the TTL for this role.
+        """
+        ...
+    @overload
+    def __init__(__self__,
+                 resource_name: str,
+                 args: Optional[SecretBackendRoleArgs] = None,
+                 opts: Optional[pulumi.ResourceOptions] = None):
+        """
+        Manages a Consul secrets role for a Consul secrets engine in Vault. Consul secret backends can then issue Consul tokens.
+        ## Example Usage
+        ```python
+        import pulumi
+        import pulumi_vault as vault
+        test = vault.consul.SecretBackend("test",
+            path="consul",
+            description="Manages the Consul backend",
+            address="127.0.0.1:8500",
+            token="4240861b-ce3d-8530-115a-521ff070dd29")
+        example = vault.consul.SecretBackendRole("example",
+            name="test-role",
+            backend=test.path,
+            consul_policies=["example-policy"])
+        ```
+        ## Note About Required Arguments
+        *At least one* of the four arguments `consul_policies`, `consul_roles`, `service_identities`, or
+        `node_identities` is required for a token. If desired, any combination of the four arguments up-to and
+        including all four, is valid.
+        ## Import
+        Consul secret backend roles can be imported using the `backend`, `/roles/`, and the `name` e.g.
+        ```sh
+        $ pulumi import vault:consul/secretBackendRole:SecretBackendRole example consul/roles/my-role
+        ```
+        :param str resource_name: The name of the resource.
+        :param SecretBackendRoleArgs args: The arguments to use to populate this resource's properties.
+        :param pulumi.ResourceOptions opts: Options for the resource.
+        """
+        ...
+    def __init__(__self__, resource_name: str, *args, **kwargs):
+        resource_args, opts = _utilities.get_resource_args_opts(SecretBackendRoleArgs, pulumi.ResourceOptions, *args, **kwargs)
+        if resource_args is not None:
+            __self__._internal_init(resource_name, opts, **resource_args.__dict__)
+        else:
+            __self__._internal_init(resource_name, *args, **kwargs)
+    def _internal_init(__self__,
+                 resource_name: str,
+                 opts: Optional[pulumi.ResourceOptions] = None,
+                 backend: Optional[pulumi.Input[_builtins.str]] = None,
+                 consul_namespace: Optional[pulumi.Input[_builtins.str]] = None,
+                 consul_policies: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+                 consul_roles: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+                 local: Optional[pulumi.Input[_builtins.bool]] = None,
+                 max_ttl: Optional[pulumi.Input[_builtins.int]] = None,
+                 name: Optional[pulumi.Input[_builtins.str]] = None,
+                 namespace: Optional[pulumi.Input[_builtins.str]] = None,
+                 node_identities: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+                 partition: Optional[pulumi.Input[_builtins.str]] = None,
+                 policies: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+                 service_identities: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+                 ttl: Optional[pulumi.Input[_builtins.int]] = None,
+                 __props__=None):
+        opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts)
+        if not isinstance(opts, pulumi.ResourceOptions):
+            raise TypeError('Expected resource options to be a ResourceOptions instance')
+        if opts.id is None:
+            if __props__ is not None:
+                raise TypeError('__props__ is only valid when passed in combination with a valid opts.id to get an existing resource')
+            __props__ = SecretBackendRoleArgs.__new__(SecretBackendRoleArgs)
+            __props__.__dict__["backend"] = backend
+            __props__.__dict__["consul_namespace"] = consul_namespace
+            __props__.__dict__["consul_policies"] = consul_policies
+            __props__.__dict__["consul_roles"] = consul_roles
+            __props__.__dict__["local"] = local
+            __props__.__dict__["max_ttl"] = max_ttl
+            __props__.__dict__["name"] = name
+            __props__.__dict__["namespace"] = namespace
+            __props__.__dict__["node_identities"] = node_identities
+            __props__.__dict__["partition"] = partition
+            __props__.__dict__["policies"] = policies
+            __props__.__dict__["service_identities"] = service_identities
+            __props__.__dict__["ttl"] = ttl
+        super(SecretBackendRole, __self__).__init__(
+            'vault:consul/secretBackendRole:SecretBackendRole',
+            resource_name,
+            __props__,
+            opts)
+    @staticmethod
+    def get(resource_name: str,
+            id: pulumi.Input[str],
+            opts: Optional[pulumi.ResourceOptions] = None,
+            backend: Optional[pulumi.Input[_builtins.str]] = None,
+            consul_namespace: Optional[pulumi.Input[_builtins.str]] = None,
+            consul_policies: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+            consul_roles: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+            local: Optional[pulumi.Input[_builtins.bool]] = None,
+            max_ttl: Optional[pulumi.Input[_builtins.int]] = None,
+            name: Optional[pulumi.Input[_builtins.str]] = None,
+            namespace: Optional[pulumi.Input[_builtins.str]] = None,
+            node_identities: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+            partition: Optional[pulumi.Input[_builtins.str]] = None,
+            policies: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+            service_identities: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+            ttl: Optional[pulumi.Input[_builtins.int]] = None) -> 'SecretBackendRole':
+        """
+        Get an existing SecretBackendRole resource's state with the given name, id, and optional extra
+        properties used to qualify the lookup.
+        :param str resource_name: The unique name of the resulting resource.
+        :param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
+        :param pulumi.ResourceOptions opts: Options for the resource.
+        :param pulumi.Input[_builtins.str] backend: The unique name of an existing Consul secrets backend mount. Must not begin or end with a `/`. One of `path` or `backend` is required.
+        :param pulumi.Input[_builtins.str] consul_namespace: The Consul namespace that the token will be created in.
+               Applicable for Vault 1.10+ and Consul 1.7+".
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] consul_policies: <sup><a href="#note-about-required-arguments">SEE NOTE</a></sup> The list of Consul ACL policies to associate with these roles.
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] consul_roles: <sup><a href="#note-about-required-arguments">SEE NOTE</a></sup> Set of Consul roles to attach to the token.
+               Applicable for Vault 1.10+ with Consul 1.5+.
+        :param pulumi.Input[_builtins.bool] local: Indicates that the token should not be replicated globally and instead be local to the current datacenter.
+        :param pulumi.Input[_builtins.int] max_ttl: Maximum TTL for leases associated with this role, in seconds.
+        :param pulumi.Input[_builtins.str] name: The name of the Consul secrets engine role to create.
+        :param pulumi.Input[_builtins.str] namespace: The namespace to provision the resource in.
+               The value should not contain leading or trailing forward slashes.
+               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
+               *Available only for Vault Enterprise*.
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] node_identities: <sup><a href="#note-about-required-arguments">SEE NOTE</a></sup> Set of Consul node
+               identities to attach to the token. Applicable for Vault 1.11+ with Consul 1.8+.
+        :param pulumi.Input[_builtins.str] partition: The admin partition that the token will be created in.
+               Applicable for Vault 1.10+ and Consul 1.11+".
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] policies: The list of Consul ACL policies to associate with these roles.
+               **NOTE:** The new parameter `consul_policies` should be used in favor of this. This parameter,
+               `policies`, remains supported for legacy users, but Vault has deprecated this field.
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] service_identities: <sup><a href="#note-about-required-arguments">SEE NOTE</a></sup> Set of Consul
+               service identities to attach to the token. Applicable for Vault 1.11+ with Consul 1.5+.
+        :param pulumi.Input[_builtins.int] ttl: Specifies the TTL for this role.
+        """
+        opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
+        __props__ = _SecretBackendRoleState.__new__(_SecretBackendRoleState)
+        __props__.__dict__["backend"] = backend
+        __props__.__dict__["consul_namespace"] = consul_namespace
+        __props__.__dict__["consul_policies"] = consul_policies
+        __props__.__dict__["consul_roles"] = consul_roles
+        __props__.__dict__["local"] = local
+        __props__.__dict__["max_ttl"] = max_ttl
+        __props__.__dict__["name"] = name
+        __props__.__dict__["namespace"] = namespace
+        __props__.__dict__["node_identities"] = node_identities
+        __props__.__dict__["partition"] = partition
+        __props__.__dict__["policies"] = policies
+        __props__.__dict__["service_identities"] = service_identities
+        __props__.__dict__["ttl"] = ttl
+        return SecretBackendRole(resource_name, opts=opts, __props__=__props__)
+    @_builtins.property
+    @pulumi.getter
+    def backend(self) -> pulumi.Output[Optional[_builtins.str]]:
+        """
+        The unique name of an existing Consul secrets backend mount. Must not begin or end with a `/`. One of `path` or `backend` is required.
+        """
+        return pulumi.get(self, "backend")
+    @_builtins.property
+    @pulumi.getter(name="consulNamespace")
+    def consul_namespace(self) -> pulumi.Output[_builtins.str]:
+        """
+        The Consul namespace that the token will be created in.
+        Applicable for Vault 1.10+ and Consul 1.7+".
+        """
+        return pulumi.get(self, "consul_namespace")
+    @_builtins.property
+    @pulumi.getter(name="consulPolicies")
+    def consul_policies(self) -> pulumi.Output[Optional[Sequence[_builtins.str]]]:
+        """
+        <sup><a href="#note-about-required-arguments">SEE NOTE</a></sup> The list of Consul ACL policies to associate with these roles.
+        """
+        return pulumi.get(self, "consul_policies")
+    @_builtins.property
+    @pulumi.getter(name="consulRoles")
+    def consul_roles(self) -> pulumi.Output[Optional[Sequence[_builtins.str]]]:
+        """
+        <sup><a href="#note-about-required-arguments">SEE NOTE</a></sup> Set of Consul roles to attach to the token.
+        Applicable for Vault 1.10+ with Consul 1.5+.
+        """
+        return pulumi.get(self, "consul_roles")
+    @_builtins.property
+    @pulumi.getter
+    def local(self) -> pulumi.Output[Optional[_builtins.bool]]:
+        """
+        Indicates that the token should not be replicated globally and instead be local to the current datacenter.
+        """
+        return pulumi.get(self, "local")
+    @_builtins.property
+    @pulumi.getter(name="maxTtl")
+    def max_ttl(self) -> pulumi.Output[Optional[_builtins.int]]:
+        """
+        Maximum TTL for leases associated with this role, in seconds.
+        """
+        return pulumi.get(self, "max_ttl")
+    @_builtins.property
+    @pulumi.getter
+    def name(self) -> pulumi.Output[_builtins.str]:
+        """
+        The name of the Consul secrets engine role to create.
+        """
+        return pulumi.get(self, "name")
+    @_builtins.property
+    @pulumi.getter
+    def namespace(self) -> pulumi.Output[Optional[_builtins.str]]:
+        """
+        The namespace to provision the resource in.
+        The value should not contain leading or trailing forward slashes.
+        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
+        *Available only for Vault Enterprise*.
+        """
+        return pulumi.get(self, "namespace")
+    @_builtins.property
+    @pulumi.getter(name="nodeIdentities")
+    def node_identities(self) -> pulumi.Output[Optional[Sequence[_builtins.str]]]:
+        """
+        <sup><a href="#note-about-required-arguments">SEE NOTE</a></sup> Set of Consul node
+        identities to attach to the token. Applicable for Vault 1.11+ with Consul 1.8+.
+        """
+        return pulumi.get(self, "node_identities")
+    @_builtins.property
+    @pulumi.getter
+    def partition(self) -> pulumi.Output[_builtins.str]:
+        """
+        The admin partition that the token will be created in.
+        Applicable for Vault 1.10+ and Consul 1.11+".
+        """
+        return pulumi.get(self, "partition")
+    @_builtins.property
+    @pulumi.getter
+    def policies(self) -> pulumi.Output[Optional[Sequence[_builtins.str]]]:
+        """
+        The list of Consul ACL policies to associate with these roles.
+        **NOTE:** The new parameter `consul_policies` should be used in favor of this. This parameter,
+        `policies`, remains supported for legacy users, but Vault has deprecated this field.
+        """
+        return pulumi.get(self, "policies")
+    @_builtins.property
+    @pulumi.getter(name="serviceIdentities")
+    def service_identities(self) -> pulumi.Output[Optional[Sequence[_builtins.str]]]:
+        """
+        <sup><a href="#note-about-required-arguments">SEE NOTE</a></sup> Set of Consul
+        service identities to attach to the token. Applicable for Vault 1.11+ with Consul 1.5+.
+        """
+        return pulumi.get(self, "service_identities")
+    @_builtins.property
+    @pulumi.getter
+    def ttl(self) -> pulumi.Output[Optional[_builtins.int]]:
+        """
+        Specifies the TTL for this role.
+        """
+        return pulumi.get(self, "ttl")